Where sensitive data is involved, such as with online financial transactions or for physical access to secure areas, two-factor authentication (or 2FA) is often needed. Two-factor authentication requires a second security measure to confirm your identity. The second security measure could be voice or face recognition or your fingerprint (biometrics). Or, it could be a one-time password (OTP) which is a code that’s either sent to a secure authentication application on your device or computer or sent by text message to your smartphone. The code must then be repeated back to authenticate your transaction. OTP’s are randomly generated at the moment they’re required, are only valid for one use and usually time-out if not used within a certain, short, period of time.